Making Room for Privacy in the Global Village

ByJoseph L. DionneAugust 5, 1997

Thirty years ago my company, McGraw-Hill, published a book by the visionary Marshall McLuhan. In that book, Mr. McLuhan predicted the coming of a global village - a world of electronic connections, where distance no longer mattered as a barrier between people.

Today McLuhan's vision is reality and, like families adjusting to apartment living, we all are learning how to live in closer proximity to one another than most of us could have imagined a generation ago.

We're also seeing our privacy jostled and threatened by the electronic frontier. We're constantly being asked questions such as what's your mother's maiden name? What's your Social Security number? How much money do you earn? We fill out an online form to subscribe to a magazine, or to buy stocks, or to to purchase an item from a catalog. Each time, we wonder who's going to see our personal information. An advertiser who wants to figure out which car to try to sell us? A direct marketer ready to barrage us with unwanted mail and e-mail? A nosy neighbor who wants to find out more about us?

For Americans, it's a particularly thorny issue: the opportunity to link the global village more closely vs. the privacy demanded by our individualistic culture. In order to achieve all the benefits of the democratization of knowledge, we've got to come to agreement on what we should and should not share. Privacy is a human right, and it must be protected.

As a global information provider in financial services, publishing, and information and media, more than 90 percent of my company's products are digitized - available in electronic form. And like many other corporations, McGraw-Hill sees much of its growth in digital, electronic platforms. Gaining the trust of our customers - the trust that we will respect and protect their privacy - is essential to taking advantage of the huge opportunities we have to customize information for each individual's needs.

Wary of the Internet

Recently, 60 percent of respondents to an online survey stated that privacy concerns created a significant barrier to their acceptance of electronic commerce. In another survey, 2 out of 3 said they would leave a Web site if they were asked to provide personal information - or worse, that they would provide information that was false.

Meanwhile, advocacy groups and several members of Congress have been calling for extremely stringent government restrictions on the collection of consumer data. The Federal Trade Commission (FTC), in an attempt to assess various options, has held its second round of hearings on the subject. In testimony before the commission, I indicated that there could be significant benefits to a policy of industry self-regulation - provided that industry action is prompt, comprehensive, and diligent in its execution.

Let the industry regulate itself

Self-regulation is first and foremost conducive to the rapid growth of electronic commerce and information exchange. We need only look to some European countries to find the pitfalls of governments regulating data exchanges, rather than the companies themselves. There, excessive controls have played a major part in the continent's slow development of an information economy. Such delays have helped strengthen the United States' competitive edge in information technology and commerce.

An additional advantage of a self-regulatory policy is that it recognizes that both businesses and consumers benefit from the legitimate collection of consumer data. Among the benefits is increased ability of producers to design products and offerings that are tailored to consumer needs.

Although the FTC has thus far indicated a willingness to allow businesses leeway to take action on their own, the industry should be under no illusion that merely cosmetic measures will suffice.

As electronic commerce becomes more ubiquitous, the pitfalls become more obvious. The FTC has made it clear that industry action must be prompt and effective. In the words of FTC Commissioner Christine Varney, it is time for the industry to lead, follow, or get out of the way.

The driving force is respect for our customers. It is the trust we have earned that makes us credible providers of information and analysis. In every action we take, we must demonstrate that we are worthy of that trust, including the way we handle personal information.

Different businesses will develop their own approaches to the issue of self-regulation, but any approach should be benchmarked against four key principles:

* Notice. Consumers should be advised as to the type of information that is being collected and told how that information is to be used.

* Choice. Consumers also should be told how to refuse permission for their personal information to be used for any purposes other than those stated.

* Security. Any company that is collecting consumer information must protect it from unauthorized use.

* Review. Consumers should be able to review and correct information collected about them.

The time has come for information providers in the United States to regulate themselves along these lines. The business reasons for doing so are compelling. Beyond that, it is the right thing for us to do as guardians of public trust in the global village.